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Top Stories 

• A former Florida U.S. Postal Service employee was charged November 23 after he 
allegedly stole at least $2.1 million from residents, co-workers, and acquaintances in a fake 
gold and diamond investment opportunity in Africa. - WPLG 10 Miami (See item 12) 

• Five people were charged November 24 in connection to a kickback scheme that resulted 
in $580 million worth of fraudulent billing to the government and insurance companies for 
patient referrals to 2 southern California hospitals. - Associated Press (See item 16) 

• Nine Florida Department of Corrections employees were among 50 individuals arrested the 
week of November 23 for their roles in a scheme that distributed prescription pain 
medication to prisons in the State. - Florida Times-Union (See item 18) 

• Four men were arrested November 24 for allegedly slashing an inflatable dam in Fremont, 
California, May 21, allowing the release of 50 million gallons of water into Alameda 
Creek. - KPIX 5 San Francisco; Associated Press (See item 23) 
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Energy Sector 



1. November 25, Seattle Times - (Washington) Kitsap County hit hard by winds, power 
outages. Utility crews worked to restore power to 15,241 customers that remained 
without service November 25 in Kitsap County following high winds in the Kitsap 
Peninsula and other areas that knocked out electricity to more than 40,700 homes and 
businesses across the region November 24. 

Source: http://www.seattletimes.com/seattle-news/weather/more-than-52k-without- 
power-kitsap-county-hit-hardest/ 

2. November 24, KNTV 11 San Jose - (California) Chemical leak at Livermore oil field 
may have contaminated some Alameda County water supplies. Officials at the 
Hazardous Materials Division at Alameda County’s Department of Environmental 
Health reported November 24 that an investigation is ongoing following a hazardous 
chemical leak at an E&B Natural Resources-operated oil field in Livermore that may 
have contaminated an underground aquifer used for drinking water. 

Source: http://www.nbcbayarea.com/investigations/Chemical-Leak-at-Livermore-Oil- 
Field-May-Have-Contaminated-Some- Alameda-County-Water-Supplies- 
353092171.html 

Chemical Industry Sector 

See item 2 

Nuclear Reactors, Materials, and Waste Sector 

3. November 24, South Jersey Times - (New Jersey) Water leak prompts ‘unusual 
event’ declaration at N.J. nuclear plant. Public Service Enterprise Group Inc.’s 
nuclear division officials reported November 24 that an “unusual event” occurred at its 
off-line Salem Unit 2 reactor in Lower Alloways Creek Township after a relief valve 
improperly opened during troubleshooting, spilling 25 gallons of water from the plant’s 
cooling system November 23. The plant was taken off-line October 22 for scheduled 
refueling and maintenance. 

Source: 

http://www.ni.com/salem/index.ssf/2015/ll/water leak prompts unusual event decla 
ration at nj.html 

Critical Manufacturing Sector 

4. November 23, U.S. Department of Labor - (Texas) Two employers cited for exposing 
workers to fall hazards after a worker falls to his death at a Conroe, Texas, 
construction site. The Occupational Safety and Health Administration announced 
November 23 that it cited Texas-based-Ramco Erectors Inc., for 1 willful violation for 
failing to protect workers with a fall protection system and cited Isabel Facundo Garcia 
for 1 serious violation for failing to protect workers from fall hazards after a Garcia 
employee, supervised by Ramco Erectors Inc. died from injuries sustained at a Conroe, 
Texas archery and gun range construction site. Proposed fines total $69,300 for Ramco 
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Erectors Inc. and $7,000 for Isabel Facundo Garcia. 

Source: 

https://www.osha.gov/pls/oshaweb/owadisp.show document?p table=NEWS RELEA 
SES&p id=29079 

Defense Industrial Base Sector 

Nothing to report 

Financial Services Sector 

5. November 25, Softpedia - (International) Researcher creates gadget that bypasses 
credit card chip&PIN safeguards. A researcher created MagSpoof, a device that can 
accurately read and predict credit card numbers and bypass chip&PIN (CnP) safeguards 
by using information stored inside the magstripe (magnetic strip), which can be 
extracted. Data is removed and fed to MagSpoof allowing hackers to make financial 
transactions by placing the device near point-of-sale (PoS) systems. 

Source: http://news.softpedia.com/news/researcher-creates-gadget-that-bvpasses-credit- 
card-chip-pin-safeguards-496697.shtml 

6. November 24, U.S. Department of Justice - (International) Former California 
attorney pleads guilty in international investment fraud scheme. A Las Vegas man 
pleaded guilty in Federal court November 24 for his role in a nearly $5 million 
investment fraud scheme in which investors were told that with an up-front payment, a 
Swiss company called Malom Group A.G. would grant them access to international 
investment opportunities and cash loans. The man also illegally presented himself as an 
attorney to investors after losing his license to practice law. 

Source: https://www.fbi.gov/lasvegas/press-releases/2015/former-california-attomev- 
pleads-guilty-in-intemational-investment- fraud-scheme 

7. November 24, KDKA 2 Pittsburgh - (Pennsylvania) Millionaire’s secretary pleads 
guilty to fraud charge. A former secretary of a businessman in Pittsburgh pleaded 
guilty November 24 to defrauding the U.S. Internal Revenue Service out of $4 million 
in taxes by claiming that about $20 million of her employer’s personal expenses were 
business expenses including the construction of a mansion, the purchase of numerous 
exotic cars, and by designating staff payroll as business expenses. 

Source: http://pittsburgh.cbslocal.com/2015/ll/24/millionaires-secretarv-pleads-guiltv- 
to-fraud-charge/ 

8. November 24, KCNC 4 Denver - (Colorado) 2nd violent bank robbery suspect 
arrested, search continues for 3rd. Police offered a $10,000 reward November 24 for 
information leading to the arrest of a third suspect charged in a series of crimes 
including a robbery at 1st Bank in Lakewood where 3 suspects entered the bank 
November 18 wearing masks and made off with about $50,000 before shooting and 
injuring at least 2 people during their getaway. Authorities arrested two out of the three 
suspects who are also believed to be tied to a September bank robbery in Lakewood. 
Source: http://denver.cbslocal.eom/2015/l l/24/l-of-2-suspects-identified-in-bank- 
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robbery-crime- spree/ 



For another story, see item 12 

Transportation Systems Sector 

9. November 25, Tampa Bay Times - (Florida) Busy travel day starts quietly at Tampa 
International, St. Petersburg-Clearwater airports. An American Airlines flight to 
Philadelphia turned around 1 hour after takeoff and made an emergency landing at 
Tampa International Airport in Florida November 24 due to a mechanical issue. 

Source: http://home.tampabav.com/news/publicsafetv/american-ahiines-plane-rnakes- 
emergency-landing-at-tia/2255319 

10. November 25, St. Louis Post-Dispatch - (Illinois) MLK Bridge set to reopen week of 
Dec 21. The Martin Luther King Bridge in St. Louis, Missouri, will tentatively reopen 
December 21 after it closed July 20 for a $15.9 million maintenance project to update 
and repair the bridge. 

Source: http://www.stltodav.com/news/local/illinois/mlk-bridge-set-to-open-week-of- 
dec/article 0c0d2 1 -'''4-59 I fr55cl>ac 1 6-8a L72i5ci93J.html 

11. November 24, WCAU 10 Philadelphia - (Pennsylvania) Trooper chase leads to 
highway shootout, fiery crash on busy Philly highway. Interstate 676 in Philadelphia 
was closed for approximately 3 hours November 24 following a traffic stop that led to a 
high-speed chase on the interstate and an exchange of gunfire between a suspect and a 
Pennsylvania State Trooper. 

Source: http://www.nbcphiladelphia.com/news/local/Pennsvlvania-State-Trooper-Shot- 
Shoulder-676-353 161871 .html 

12. November 24, WPLG 10 Miami - (Florida) Former postal employee arrested in 
alleged investment scam. A former Florida U.S. Postal Service employee was arrested 
and charged November 23 after he allegedly stole at least $2.1 million from residents 
on his mail route, co-workers, and acquaintances in a fake gold and diamond 
investment opportunity in Africa, where he promised victims that their investments 
would double and guaranteed certain investors millions of dollars in returns. The 
suspect also persuaded victims to invest in a fraudulent infrastructure project in Africa, 
and instead used the money for personal expenses. 

Source: http://www.locallO.com/news/former-postal-employee-arrested-in-alleged- 
investment- scam/3 663 7 100 

13. November 24, EastIdahoNews.com - (Idaho) One child killed in 1-15 accident, three 
others hospitalized. Northbound lanes of Interstate 15 in Fort Hall were shut down for 
approximately 2 hours November 24 while officials investigated a fatal 2-vehicle crash 
involving a semi- truck and pickup truck that left 1 passenger dead and sent 3 others to 
the hospital with injuries. 

Source: http://www.eastidahonews.eom/2015/l 1/crash-closes-northbound-i- 15-traffic- 
near-fort-hall/ 
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Food and Agriculture Sector 



14. November 25, WAGA 5 Atlanta - (National) Costco chicken salad linked to E. coli 
outbreak. Officials from the U.S. Centers for Disease Control and Prevention reported 
November 24 that the number of confirmed E. coli cases rose to 19 people in 7 States 
in an outbreak linked to contaminated rotisserie chicken salad made and sold at Costco 
Wholesale Corp. stores. 

Source: http://www.fox5atlanta.com/news/54006831-storv 

Water and Wastewater Systems Sector 

See item 2 

Healthcare and Public Health Sector 

15. November 24, WNWO 24 Toledo - (Ohio) Bomb threat forces evacuation of building 
at Mercy St. Vincent Medical Center. The Mercy St. Vincent and Mercy Children’s 
Outpatient Services Building in Toledo was evacuated and closed November 24 due to 
a bomb threat received by staff members. Police and the FBI cleared the scene after 
nothing suspicious was found. 

Source: http://nbc24.com/news/local/bomb-threat-forces-evacuation-of-building-at- 
mercy-st-vincent-medical-center 



16. November 24, Associated Press - (California; Nevada) 5 charged with $580 million 
southern California medical kickback scheme. Officials announced November 24 
that 5 people, including a former hospital executive and 2 surgeons, were charged in 
connection to a kickback scheme that resulted in $580 million worth of fraudulent 
billing to the government and insurance companies. Two defendants pleaded guilty and 
two others agreed to plead guilty in connection to the scam which involved paying 
dozens of medical professions tens of millions of dollars to refer patients to Pacific 
Hospital of Long Beach and Tri-City Regional Medical Center in southern California 
for spinal surgeries. 

Source: http://www.startribune.com/5-charged-in-580m-southem-califomia-kickback- 
scheme/353295921/ 



For another story, see item 18 

Government Facilities Sector 

17. November 24, CAW - (Washington) Western Washington University cancels classes 
after ‘hate speech’ threat. University officials announced that all classes at Western 
Washington University’s main campus in Bellingham were cancelled November 24 
following social media threats targeting students of color. 

Source: http://www.cnn.com/2015/ll/24/us/western-washington-universitv- 
threat/index .html 
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Emergency Services Sector 



18. November 25, Florida Times-Union - (Florida) 50 arrested in prison painkiller sting. 
The Bradford County Sheriffs Office announced that 9 Florida Department of 
Corrections (FDOC) employees were among 50 individuals arrested the week of 
November 23 for their roles in a scheme that distributed the prescription pain 
medication, Oxycodone, to prisons in the State after FDOC workers obtained the 
narcotics through suppliers and individuals with legitimate prescriptions. 

Source: http://iacksonville.com/news/crime/2015-ll-24/story/50-arrested-prison- 
painkiller-sting 

Information Technology Sector 

19. November 25, Securityweek - (International) Reuse of Cryptographic keys exposes 
millions of IoT: study. Researchers from SEC Consult released a report identifying 
that millions of Internet-of-Things (IoT) devices use the same cryptographic keys 
hardcoded into the firmware, including secure shell (SSH) host keys and X.509 
certificates used for Flypertext Transfer Protocol Secure (HTTPS), that may allow 
attackers to obtain sensitive information by connecting to a victim’s network and 
leveraging the keys to launch impersonations, man-in-the-middle (MitM) attacks, and 
passive decryption attacks. 

Source: http://www.securityweek.com/reuse-cryptographic-keys-exposes-millions-iot- 
devices-study 



20. November 24, Wall Street Journal - (International) U.S. fines tech firm $1.5 million 
over sanctions violations. Campbell, California-based Barracuda Networks Inc., 
agreed November 24 to pay about $1.5 million to the U.S. Department of Commerce 
and $38,930 to the U.S. Department of the Treasury to resolve allegations that the 
company and its U.K. subsidiary violated U.S. sanctions and export control laws after 
selling Internet security products, Web-filtering products that can block or censor 
Internet activity, and related software subscriptions to Syria, Iran, and Sudan. 

Source: http://blogs.wsj.com/riskandcompliance/2015/ll/24/u-s-fines-tech-firm-l-5- 
million-over-sanctions-violations/ 



21. November 23, Securityweek - (International) Malicious adware uses certificates to 
disable security products. Researchers from Malwarebytes detected a trojan adware, 
dubbed Vonteera, that blacklists 13 certificates as “Untrusted Certificates” in Microsoft 
Window’s certificate store to prevent anti-malware products that block its infection as 
well as execute a new service called “appinf.exe” onto infected operating systems that 
modifies desktop, taskbar, and start menu shortcuts via a script designed to redirect 
victims to randomized Web sites. 

Source: http://www.securityweek.com/malicious-adware-uses-certificates-disable- 
security-products 
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Internet Alert Dashboard 



To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or 
visit their Web site: http://www.us-cert.gov 

Information on IT information sharing and analysis can be found at the IT IS AC (Information Sharing and 
Analysis Center) Web site: http://www.it-isac.org 



Communications Sector 

Nothing to report 

Commercial Facilities Sector 



22. November 25, Agence France-Presse - (National) Hilton Hotels hit by cyberattack. 
Hilton Worldwide Holdings, Inc. officials reported November 24 that its point-of-sale 
(PoS) computer systems were breached via a malicious code that collected and stole 
credit card information including names, card numbers, security codes, and expiration 
dates. Hilton is investigating the breach and advised customers to monitor their bank 
accounts for fraudulent activities. 

Source: http://www.securitvweek.com/hilton-hotels-hit-cyber-attack 
For another story, see item 1 

Dams Sector 



23. November 24, KPIX 5 San Francisco; Associated Press - (California) Four arrested 
for triggering 50-million gallon Fremont water spill. Four men were arrested 
November 24 for allegedly slashing an inflatable creek dam in Fremont May 21, 
allowing the release of 50 million gallons of water into Alameda Creek and causing an 
estimated $1 million in damage to the dam. 

Source: http://sanfrancisco.cbslocal.com/2015/ll/24/four-arrested-for-triggering-50- 
million-gallon-fremont-water-spill/ 
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Department of Homeland Security (DHS) 

DHS Daily Open Source Infrastructure Report Contact Information 

About the reports - The DHS Daily Open Source Infrastructure Report is a daily [Monday 
through Friday] summary of open-source published information concerning significant critical 
infrastructure issues. The DHS Daily Open Source Infrastructure Report is archived for 10 days on 
the Department of Homeland Security Web site: http://www.dhs.gov/lPDailyReport 

Contact Information 

Content and Suggestions: Send mail to cikr.productfeedback@hq.dhs.gov or contact the DHS 

Daily Report Team at (703) 942-8590 

Subscribe to the Distribution List: Visit the DHS Daily Open Source Infrastructure Report and follow 

instructions to Get e-mail updates when this information changes . 

Removal from Distribution List: Send mail to support @ govdelivery.com . 



Contact DHS 

To report physical infrastructure incidents or to request information, please contact the National Infrastructure 
Coordinating Center at nicc@hq.dhs.gov or (202) 282-9201. 

To report cyber infrastructure incidents or to request information, please contact US-CERT at soc@us-cert.gov or visit 
their Web page at www.us-cert. gov . 

Department of Homeland Security Disclaimer 

The DHS Daily Open Source Infrastructure Report is a non-commercial publication intended to educate and inform 
personnel engaged in infrastructure protection. Further reproduction or redistribution is subject to original copyright 
restrictions. DHS provides no warranty of ownership of the copyright, or accuracy with respect to the original source 
material. 
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